Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 03 Jan 2014 12:44:42 -0500
From: Daniel Kahn Gillmor <dkg@...thhorseman.net>
To: oss-security@...ts.openwall.com
CC: gremlin@...mlin.ru
Subject: Re: kwallet crypto misuse

On 01/03/2014 02:27 AM, gremlin@...mlin.ru wrote:
> On 02-Jan-2014 09:15:15 +0100, Florian Weimer wrote:
> 
>  > I just noticed this is now public:
>  > http://gaganpreet.in/blog/2013/07/24/kwallet-security-analysis/
>  > Short summary: kwallet uses Blowfish to encrypt its password
>  > store, and despite an attempt at implementing CBC mode (in a
>  > file called cbc.cc no less), it's actually ECB mode.
> 
> That's unpleasant, but not really a fatal issue...
> 
>  > UTF-16 encoding combined with Blowfish's 64 bit block size means
>  > there are just four password characters per block.
> 
> But this is: any and all passwords, being used for encryption key
> generation, must be hashed, then salted, then hashed again. SHA-256
> may be a good choice for generating Blowfish 256-bit key this way.

what kind of hashing and salting are you talking about?  i don't think
hashing and salting makes sense in the context that you were quoting
above.  Are you aware that kwallet stores a database of passwords that
need to be able to be produced back for the user (or the user's
applications) in the clear?

	--dkg


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ